We have already encountered the abort function in the section Dynamic type system. In that case it was used when a type mismatch was detected. However, talloc calls this abort function in several more situations:

· when the provided pointer is not a valid talloc context,

· when the meta data is invalid - probably due to memory corruption,

· and when an access after free is detected.

The third one is probably the most interesting. It can help us detect an attempt to double-free a context, or any other manipulation of it via talloc functions (using it as a parent, stealing it, etc.).

Before the context is freed, talloc sets a flag in the meta data. This flag is then used to detect the access after free. It basically works on the assumption that the memory stays unchanged (at least for a while) even when it is properly deallocated. This works even if the memory is filled with the value specified in the TALLOC_FREE_FILL environment variable, because the fill covers only the data part and leaves the meta data intact.
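The flag-in-meta-data check described above, as an added example that is not talloc's source code: a simplified C model in which every name and constant (MODEL_MAGIC, model_alloc, model_check, model_free) is hypothetical. A static pool stands in for the heap so that the freed chunk stays readable, which is the assumption the real check relies on but cannot guarantee.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Simplified model, NOT talloc source: all names and constants are hypothetical. */
#define MODEL_MAGIC     0xC0FFEE00u /* marks a valid chunk header */
#define MODEL_FLAG_FREE 0x01u       /* set in the meta data before release */
#define MODEL_FLAG_MASK 0x0Fu       /* low bits are flags, the rest is magic */
enum chunk_state { CHUNK_OK, CHUNK_ACCESS_AFTER_FREE, CHUNK_BAD_MAGIC };
/* flags and size are the meta data; data is the part handed to the caller. */
struct chunk { uint32_t flags; size_t size; unsigned char data[32]; };

/* Static pool instead of the heap, so "freed" chunks stay readable in this model. */
static struct chunk pool[4];
static size_t pool_used;

static struct chunk *chunk_of(const void *ptr) {
    return (struct chunk *)((unsigned char *)ptr - offsetof(struct chunk, data));
}

void *model_alloc(size_t size) {
    if (size > sizeof pool[0].data || pool_used == 4) return NULL;
    struct chunk *c = &pool[pool_used++];
    c->flags = MODEL_MAGIC;
    c->size = size;
    return memset(c->data, 0, size);
}

/* Validation run before any operation on ptr (free, steal, use as parent). */
enum chunk_state model_check(const void *ptr) {
    uint32_t flags = chunk_of(ptr)->flags;
    if ((flags & ~MODEL_FLAG_MASK) != MODEL_MAGIC) return CHUNK_BAD_MAGIC;
    return (flags & MODEL_FLAG_FREE) ? CHUNK_ACCESS_AFTER_FREE : CHUNK_OK;
}

/* fill < 0 disables filling; otherwise only the data part is overwritten. */
enum chunk_state model_free(void *ptr, int fill) {
    enum chunk_state st = model_check(ptr);
    if (st != CHUNK_OK) return st; /* talloc would log and call the abort function */
    chunk_of(ptr)->flags |= MODEL_FLAG_FREE;
    if (fill >= 0) memset(ptr, fill, chunk_of(ptr)->size);
    return CHUNK_OK;
}

int main(void) {
    void *p = model_alloc(8);
    printf("first free: %d\n", (int)model_free(p, 0xAA));
    printf("second free: %d\n", (int)model_free(p, 0xAA));
    return 0;
}
```

Because the fill touches only the data part, the second `model_free()` still finds the free flag in the header and reports the double free instead of releasing the chunk again.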

Apart from the abort function, talloc uses a log function to provide additional information about the aforementioned violations. To enable logging, we set the log function with one of:

· talloc_set_log_fn()

· talloc_set_log_stderr()

The following code is a sample output of accessing a context after it has been freed:

Talloc can print reports of memory usage of a specified talloc context to a file (to stdout or stderr). The report can be simple or full. The simple report provides information only about the context itself and its direct descendants. The full report goes recursively through the entire context tree. See:

We can notice in this report that something is wrong with the context containing struct foo. We know that the structure has only one string element. However, we can see in the report that it has two children. This indicates that we have either violated the memory hierarchy or forgotten to free it as temporary data. Looking into the code, we can see that 'Foo is my parent' should be attached to ctx.